def build(self) -> Tuple[IR, EnvoyConfig]:
# Do a build, return IR & econf, but also stash them in self.builds.
yaml_data = yaml.safe_dump_all(self.resources.values())
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml_data, k8s=True)
aconf.load_all(fetcher.sorted())
ir = IR(aconf,
cache=self.cache,
file_checker=lambda path: True,
secret_handler=self.secret_handler)
assert ir, "could not create an IR"
econf = EnvoyConfig.generate(ir, "V2", cache=self.cache)
assert econf, "could not create an econf"
self.builds.append((ir, econf))
return ir, econf
def test_knative_counters():
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(knative_ingress_example, k8s=True)
aconf.load_all(fetcher.sorted())
secret_handler = NullSecretHandler(logger, None, None, "0")
ir = IR(aconf, secret_handler=secret_handler)
feats = ir.features()
assert feats['knative_ingress_count'] == 1, f"Expected a Knative ingress, did not find one"
assert feats['cluster_ingress_count'] == 0, f"Expected no Knative cluster ingresses, found at least one"
def test_envvar_expansion():
os.environ["TEST_SERVICE"] = "foo"
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml)
aconf.load_all(fetcher.sorted())
mappings = aconf.config["mappings"]
test_mapping = mappings["test_mapping"]
assert test_mapping.service == "foo:9999"
def _test_errorresponse(yaml, expectations, expect_fail=False):
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml)
aconf.load_all(fetcher.sorted())
secret_handler = NullSecretHandler(logger, None, None, "0")
ir = IR(aconf,
file_checker=lambda path: True,
secret_handler=secret_handler)
error_response = IRErrorResponse(
ir, aconf, ir.ambassador_module.get('error_response_overrides', None),
ir.ambassador_module)
error_response.setup(ir, aconf)
if aconf.errors:
print("errors: %s" % repr(aconf.errors))
ir_conf = error_response.config()
if expect_fail:
assert ir_conf is None
return
assert ir_conf
# There should be no default body format override
body_format = ir_conf.get('body_format', None)
assert body_format is None
mappers = ir_conf.get('mappers', None)
assert mappers
assert len(mappers) == len(expectations), \
f"unexpected len(mappers) {len(expectations)} != len(expectations) {len(expectations)}"
for i in range(len(expectations)):
expected_filter, expected_body_format_override = expectations[i]
m = mappers[i]
print(
"checking with expected_body_format_override %s and expected_filter %s"
% (expected_body_format_override, expected_filter))
print("checking m: ", m)
actual_filter = m['filter']
assert m['filter'] == expected_filter
if expected_body_format_override:
actual_body_format_override = m['body_format_override']
assert actual_body_format_override == expected_body_format_override
def _get_envoy_config(yaml):
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml)
aconf.load_all(fetcher.sorted())
secret_handler = NullSecretHandler(logger, None, None, "0")
ir = IR(aconf, file_checker=lambda path: True, secret_handler=secret_handler)
assert ir
return EnvoyConfig.generate(ir, "V2")
def _get_envoy_config(yaml, version='V3'):
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(default_listener_manifests() + yaml, k8s=True)
aconf.load_all(fetcher.sorted())
secret_handler = NullSecretHandler(logger, None, None, "0")
ir = IR(aconf, file_checker=lambda path: True, secret_handler=secret_handler)
assert ir
return EnvoyConfig.generate(ir, version)
def test_shadow_v3():
aconf = Config()
yaml = '''
---
apiVersion: getambassador.io/v2
kind: Mapping
name: httpbin-mapping
service: httpbin
prefix: /httpbin/
---
apiVersion: getambassador.io/v2
kind: Mapping
name: httpbin-mapping-shadow
service: httpbin-shadow
prefix: /httpbin/
shadow: true
weight: 10
'''
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml)
aconf.load_all(fetcher.sorted())
secret_handler = MockSecretHandler(logger, "mockery",
"/tmp/ambassador/snapshots", "v1")
ir = IR(aconf,
file_checker=lambda path: True,
secret_handler=secret_handler)
assert ir
econf = EnvoyConfig.generate(ir, "V3")
bootstrap_config, ads_config, _ = econf.split_config()
ads_config.pop('@type', None)
mirrored_config = get_mirrored_config(ads_config)
assert 'request_mirror_policies' in mirrored_config['route']
assert len(mirrored_config['route']['request_mirror_policies']) == 1
mirror_policy = mirrored_config['route']['request_mirror_policies'][0]
assert mirror_policy['cluster'] == 'cluster_shadow_httpbin_shadow_default'
assert mirror_policy['runtime_fraction']['default_value'][
'numerator'] == 10
assert mirror_policy['runtime_fraction']['default_value'][
'denominator'] == 'HUNDRED'
assert_valid_envoy_config(ads_config)
assert_valid_envoy_config(bootstrap_config)
def _test_headercaseoverrides(yaml, expectations, expect_norules=False):
aconf = Config()
yaml = yaml + '''
---
apiVersion: getambassador.io/v2
kind: Mapping
name: httpbin-mapping
service: httpbin
prefix: /httpbin/
'''
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml)
aconf.load_all(fetcher.sorted())
secret_handler = NullSecretHandler(logger, None, None, "0")
ir = IR(aconf, file_checker=lambda path: True, secret_handler=secret_handler)
assert ir
econf = EnvoyConfig.generate(ir, "V2")
assert econf, "could not create an econf"
found_module_rules = False
found_cluster_rules = False
conf = econf.as_dict()
for listener in conf['static_resources']['listeners']:
for filter_chain in listener['filter_chains']:
for f in filter_chain['filters']:
typed_config = f['typed_config']
if 'http_protocol_options' not in typed_config:
continue
http_protocol_options = typed_config['http_protocol_options']
if expect_norules:
assert 'header_key_format' not in http_protocol_options, \
f"'header_key_format' found unexpected typed_config {typed_config}"
continue
assert 'header_key_format' in http_protocol_options, \
f"'header_key_format' not found, typed_config {typed_config}"
header_key_format = http_protocol_options['header_key_format']
assert 'custom' in header_key_format, \
f"'custom' not found, typed_config {typed_config}"
rules = header_key_format['custom']['rules']
assert len(rules) == len(expectations)
for e in expectations:
hdr = e.lower()
assert hdr in rules
rule = rules[hdr]
assert rule == e, f"unexpected rule {rule} in {rules}"
found_module_rules = True
for cluster in conf['static_resources']['clusters']:
if 'httpbin' not in cluster['name']:
continue
http_protocol_options = cluster.get('http_protocol_options', None)
if not http_protocol_options:
if expect_norules:
continue
assert 'http_protocol_options' in cluster, \
f"'http_protocol_options' missing from cluster: {cluster}"
if expect_norules:
assert 'header_key_format' not in http_protocol_options, \
f"'header_key_format' found unexpected cluster: {cluster}"
continue
assert 'header_key_format' in http_protocol_options, \
f"'header_key_format' not found, cluster {cluster}"
header_key_format = http_protocol_options['header_key_format']
assert 'custom' in header_key_format, \
f"'custom' not found, cluster {cluster}"
rules = header_key_format['custom']['rules']
assert len(rules) == len(expectations)
for e in expectations:
hdr = e.lower()
assert hdr in rules
rule = rules[hdr]
assert rule == e, f"unexpected rule {rule} in {rules}"
found_cluster_rules = True
if expect_norules:
assert not found_module_rules
assert not found_cluster_rules
else:
assert found_module_rules
assert found_cluster_rules
def test_lookup():
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml)
aconf.load_all(fetcher.sorted())
secret_handler = NullSecretHandler(logger, None, None, "0")
ir = IR(aconf, file_checker=lambda path: True, secret_handler=secret_handler)
t1 = IRBuffer(ir, aconf, rkey='-foo-', name='buffer', max_request_bytes=4096)
t2 = IRTestResource(ir, aconf, rkey='-foo-', name='buffer', max_request_bytes=8192)
assert t1.lookup('max_request_bytes') == 4096
assert t1.lookup('max_request_bytes', 57) == 4096
assert t1.lookup('max_request_bytes2', 57) == 57
assert t1.lookup('max_request_words') == 1
assert t1.lookup('max_request_words', 77) == 1
assert t1.lookup('max_request_words', default_key='altered') == 2
assert t1.lookup('max_request_words', 77, default_key='altered') == 2
assert t1.lookup('max_request_words', default_key='altered2') == None
assert t1.lookup('max_request_words', 77, default_key='altered2') == 77
assert t1.lookup('max_request_words', default_class='test_resource') == 3
assert t1.lookup('max_request_words', 77, default_class='test_resource') == 3
assert t1.lookup('max_request_words', 77, default_class='test_resource2') == 1
assert t1.lookup('max_request_words', default_key='altered', default_class='test_resource') == 4
assert t1.lookup('max_request_words', 77, default_key='altered', default_class='test_resource') == 4
assert t1.lookup('max_request_words', default_key='altered2', default_class='test_resource') == None
assert t1.lookup('max_request_words', 77, default_key='altered2', default_class='test_resource') == 77
assert t1.lookup('funk') == None
assert t1.lookup('funk', 77) == 77
assert t1.lookup('funk', default_class='test_resource') == 8
assert t1.lookup('funk', 77, default_class='test_resource') == 8
assert t1.lookup('funk', 77, default_class='test_resource2') == 77
assert t2.lookup('max_request_bytes') == 8192
assert t2.lookup('max_request_bytes', 57) == 8192
assert t2.lookup('max_request_bytes2', 57) == 57
assert t2.lookup('max_request_words') == 3
assert t2.lookup('max_request_words', 77) == 3
assert t2.lookup('max_request_words', default_key='altered') == 4
assert t2.lookup('max_request_words', 77, default_key='altered') == 4
assert t2.lookup('max_request_words', default_key='altered2') == None
assert t2.lookup('max_request_words', 77, default_key='altered2') == 77
assert t2.lookup('max_request_words', default_class='/') == 1
assert t2.lookup('max_request_words', 77, default_class='/') == 1
assert t2.lookup('max_request_words', 77, default_class='/2') == 1
assert t2.lookup('max_request_words', default_key='altered', default_class='/') == 2
assert t2.lookup('max_request_words', 77, default_key='altered', default_class='/') == 2
assert t2.lookup('max_request_words', default_key='altered2', default_class='/') == None
assert t2.lookup('max_request_words', 77, default_key='altered2', default_class='/') == 77
assert t2.lookup('funk') == 8
assert t2.lookup('funk', 77) == 8
assert t2.lookup('funk', default_class='test_resource') == 8
assert t2.lookup('funk', 77, default_class='test_resource') == 8
assert t2.lookup('funk', 77, default_class='test_resource2') == 77
def test_qualify_service():
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml)
aconf.load_all(fetcher.sorted())
secret_handler = NullSecretHandler(logger, None, None, "0")
ir = IR(aconf,
file_checker=lambda path: True,
secret_handler=secret_handler)
assert ir, "could not create an IR"
assert qualify_service_name(ir, "backoffice", None) == "backoffice"
assert qualify_service_name(ir, "backoffice", "default") == "backoffice"
assert qualify_service_name(ir, "backoffice",
"otherns") == "backoffice.otherns"
assert qualify_service_name(ir, "backoffice.otherns",
None) == "backoffice.otherns"
assert qualify_service_name(ir, "backoffice.otherns",
"default") == "backoffice.otherns"
assert qualify_service_name(ir, "backoffice.otherns",
"otherns") == "backoffice.otherns"
assert normalize_service_name(ir, "backoffice", None,
'ConsulResolver') == "backoffice"
assert normalize_service_name(ir, "backoffice", "default",
'ConsulResolver') == "backoffice"
assert normalize_service_name(ir, "backoffice", "otherns",
'ConsulResolver') == "backoffice"
assert normalize_service_name(ir, "backoffice.otherns", None,
'ConsulResolver') == "backoffice.otherns"
assert normalize_service_name(ir, "backoffice.otherns", "default",
'ConsulResolver') == "backoffice.otherns"
assert normalize_service_name(ir, "backoffice.otherns", "otherns",
'ConsulResolver') == "backoffice.otherns"
assert qualify_service_name(ir, "backoffice:80", None) == "backoffice:80"
assert qualify_service_name(ir, "backoffice:80",
"default") == "backoffice:80"
assert qualify_service_name(ir, "backoffice:80",
"otherns") == "backoffice.otherns:80"
assert qualify_service_name(ir, "backoffice.otherns:80",
None) == "backoffice.otherns:80"
assert qualify_service_name(ir, "backoffice.otherns:80",
"default") == "backoffice.otherns:80"
assert qualify_service_name(ir, "backoffice.otherns:80",
"otherns") == "backoffice.otherns:80"
assert normalize_service_name(ir, "backoffice:80", None,
'ConsulResolver') == "backoffice:80"
assert normalize_service_name(ir, "backoffice:80", "default",
'ConsulResolver') == "backoffice:80"
assert normalize_service_name(ir, "backoffice:80", "otherns",
'ConsulResolver') == "backoffice:80"
assert normalize_service_name(ir, "backoffice.otherns:80", None,
'ConsulResolver') == "backoffice.otherns:80"
assert normalize_service_name(ir, "backoffice.otherns:80", "default",
'ConsulResolver') == "backoffice.otherns:80"
assert normalize_service_name(ir, "backoffice.otherns:80", "otherns",
'ConsulResolver') == "backoffice.otherns:80"
assert qualify_service_name(ir, "http://backoffice",
None) == "http://backoffice"
assert qualify_service_name(ir, "http://backoffice",
"default") == "http://backoffice"
assert qualify_service_name(ir, "http://backoffice",
"otherns") == "http://backoffice.otherns"
assert qualify_service_name(ir, "http://backoffice.otherns",
None) == "http://backoffice.otherns"
assert qualify_service_name(ir, "http://backoffice.otherns",
"default") == "http://backoffice.otherns"
assert qualify_service_name(ir, "http://backoffice.otherns",
"otherns") == "http://backoffice.otherns"
assert normalize_service_name(ir, "http://backoffice", None,
'ConsulResolver') == "http://backoffice"
assert normalize_service_name(ir, "http://backoffice", "default",
'ConsulResolver') == "http://backoffice"
assert normalize_service_name(ir, "http://backoffice", "otherns",
'ConsulResolver') == "http://backoffice"
assert normalize_service_name(
ir, "http://backoffice.otherns", None,
'ConsulResolver') == "http://backoffice.otherns"
assert normalize_service_name(
ir, "http://backoffice.otherns", "default",
'ConsulResolver') == "http://backoffice.otherns"
assert normalize_service_name(
ir, "http://backoffice.otherns", "otherns",
'ConsulResolver') == "http://backoffice.otherns"
assert qualify_service_name(ir, "http://backoffice:80",
None) == "http://backoffice:80"
assert qualify_service_name(ir, "http://backoffice:80",
"default") == "http://backoffice:80"
assert qualify_service_name(ir, "http://backoffice:80",
"otherns") == "http://backoffice.otherns:80"
assert qualify_service_name(ir, "http://backoffice.otherns:80",
None) == "http://backoffice.otherns:80"
assert qualify_service_name(ir, "http://backoffice.otherns:80",
"default") == "http://backoffice.otherns:80"
assert qualify_service_name(ir, "http://backoffice.otherns:80",
"otherns") == "http://backoffice.otherns:80"
assert normalize_service_name(ir, "http://backoffice:80", None,
'ConsulResolver') == "http://backoffice:80"
assert normalize_service_name(ir, "http://backoffice:80", "default",
'ConsulResolver') == "http://backoffice:80"
assert normalize_service_name(ir, "http://backoffice:80", "otherns",
'ConsulResolver') == "http://backoffice:80"
assert normalize_service_name(
ir, "http://backoffice.otherns:80", None,
'ConsulResolver') == "http://backoffice.otherns:80"
assert normalize_service_name(
ir, "http://backoffice.otherns:80", "default",
'ConsulResolver') == "http://backoffice.otherns:80"
assert normalize_service_name(
ir, "http://backoffice.otherns:80", "otherns",
'ConsulResolver') == "http://backoffice.otherns:80"
assert qualify_service_name(ir, "https://backoffice",
None) == "https://backoffice"
assert qualify_service_name(ir, "https://backoffice",
"default") == "https://backoffice"
assert qualify_service_name(ir, "https://backoffice",
"otherns") == "https://backoffice.otherns"
assert qualify_service_name(ir, "https://backoffice.otherns",
None) == "https://backoffice.otherns"
assert qualify_service_name(ir, "https://backoffice.otherns",
"default") == "https://backoffice.otherns"
assert qualify_service_name(ir, "https://backoffice.otherns",
"otherns") == "https://backoffice.otherns"
assert normalize_service_name(ir, "https://backoffice", None,
'ConsulResolver') == "https://backoffice"
assert normalize_service_name(ir, "https://backoffice", "default",
'ConsulResolver') == "https://backoffice"
assert normalize_service_name(ir, "https://backoffice", "otherns",
'ConsulResolver') == "https://backoffice"
assert normalize_service_name(
ir, "https://backoffice.otherns", None,
'ConsulResolver') == "https://backoffice.otherns"
assert normalize_service_name(
ir, "https://backoffice.otherns", "default",
'ConsulResolver') == "https://backoffice.otherns"
assert normalize_service_name(
ir, "https://backoffice.otherns", "otherns",
'ConsulResolver') == "https://backoffice.otherns"
assert qualify_service_name(ir, "https://backoffice:443",
None) == "https://backoffice:443"
assert qualify_service_name(ir, "https://backoffice:443",
"default") == "https://backoffice:443"
assert qualify_service_name(ir, "https://backoffice:443",
"otherns") == "https://backoffice.otherns:443"
assert qualify_service_name(ir, "https://backoffice.otherns:443",
None) == "https://backoffice.otherns:443"
assert qualify_service_name(ir, "https://backoffice.otherns:443",
"default") == "https://backoffice.otherns:443"
assert qualify_service_name(ir, "https://backoffice.otherns:443",
"otherns") == "https://backoffice.otherns:443"
assert normalize_service_name(ir, "https://backoffice:443", None,
'ConsulResolver') == "https://backoffice:443"
assert normalize_service_name(ir, "https://backoffice:443", "default",
'ConsulResolver') == "https://backoffice:443"
assert normalize_service_name(ir, "https://backoffice:443", "otherns",
'ConsulResolver') == "https://backoffice:443"
assert normalize_service_name(
ir, "https://backoffice.otherns:443", None,
'ConsulResolver') == "https://backoffice.otherns:443"
assert normalize_service_name(
ir, "https://backoffice.otherns:443", "default",
'ConsulResolver') == "https://backoffice.otherns:443"
assert normalize_service_name(
ir, "https://backoffice.otherns:443", "otherns",
'ConsulResolver') == "https://backoffice.otherns:443"
assert qualify_service_name(ir, "localhost", None) == "localhost"
assert qualify_service_name(ir, "localhost", "default") == "localhost"
assert qualify_service_name(ir, "localhost", "otherns") == "localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "localhost.otherns",
None) == "localhost.otherns"
assert qualify_service_name(ir, "localhost.otherns",
"default") == "localhost.otherns"
assert qualify_service_name(ir, "localhost.otherns",
"otherns") == "localhost.otherns"
assert normalize_service_name(ir, "localhost", None,
'ConsulResolver') == "localhost"
assert normalize_service_name(ir, "localhost", "default",
'ConsulResolver') == "localhost"
assert normalize_service_name(ir, "localhost", "otherns",
'ConsulResolver') == "localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert normalize_service_name(ir, "localhost.otherns", None,
'ConsulResolver') == "localhost.otherns"
assert normalize_service_name(ir, "localhost.otherns", "default",
'ConsulResolver') == "localhost.otherns"
assert normalize_service_name(ir, "localhost.otherns", "otherns",
'ConsulResolver') == "localhost.otherns"
assert qualify_service_name(ir, "localhost:80", None) == "localhost:80"
assert qualify_service_name(ir, "localhost:80",
"default") == "localhost:80"
assert qualify_service_name(ir, "localhost:80",
"otherns") == "localhost:80"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "localhost.otherns:80",
None) == "localhost.otherns:80"
assert qualify_service_name(ir, "localhost.otherns:80",
"default") == "localhost.otherns:80"
assert qualify_service_name(ir, "localhost.otherns:80",
"otherns") == "localhost.otherns:80"
assert normalize_service_name(ir, "localhost:80", None,
'ConsulResolver') == "localhost:80"
assert normalize_service_name(ir, "localhost:80", "default",
'ConsulResolver') == "localhost:80"
assert normalize_service_name(ir, "localhost:80", "otherns",
'ConsulResolver') == "localhost:80"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert normalize_service_name(ir, "localhost.otherns:80", None,
'ConsulResolver') == "localhost.otherns:80"
assert normalize_service_name(ir, "localhost.otherns:80", "default",
'ConsulResolver') == "localhost.otherns:80"
assert normalize_service_name(ir, "localhost.otherns:80", "otherns",
'ConsulResolver') == "localhost.otherns:80"
assert qualify_service_name(ir, "http://localhost",
None) == "http://localhost"
assert qualify_service_name(ir, "http://localhost",
"default") == "http://localhost"
assert qualify_service_name(ir, "http://localhost",
"otherns") == "http://localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "http://localhost.otherns",
None) == "http://localhost.otherns"
assert qualify_service_name(ir, "http://localhost.otherns",
"default") == "http://localhost.otherns"
assert qualify_service_name(ir, "http://localhost.otherns",
"otherns") == "http://localhost.otherns"
assert normalize_service_name(ir, "http://localhost", None,
'ConsulResolver') == "http://localhost"
assert normalize_service_name(ir, "http://localhost", "default",
'ConsulResolver') == "http://localhost"
assert normalize_service_name(ir, "http://localhost", "otherns",
'ConsulResolver') == "http://localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert normalize_service_name(
ir, "http://localhost.otherns", None,
'ConsulResolver') == "http://localhost.otherns"
assert normalize_service_name(
ir, "http://localhost.otherns", "default",
'ConsulResolver') == "http://localhost.otherns"
assert normalize_service_name(
ir, "http://localhost.otherns", "otherns",
'ConsulResolver') == "http://localhost.otherns"
assert qualify_service_name(ir, "http://localhost:80",
None) == "http://localhost:80"
assert qualify_service_name(ir, "http://localhost:80",
"default") == "http://localhost:80"
assert qualify_service_name(ir, "http://localhost:80",
"otherns") == "http://localhost:80"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "http://localhost.otherns:80",
None) == "http://localhost.otherns:80"
assert qualify_service_name(ir, "http://localhost.otherns:80",
"default") == "http://localhost.otherns:80"
assert qualify_service_name(ir, "http://localhost.otherns:80",
"otherns") == "http://localhost.otherns:80"
assert normalize_service_name(ir, "http://localhost:80", None,
'ConsulResolver') == "http://localhost:80"
assert normalize_service_name(ir, "http://localhost:80", "default",
'ConsulResolver') == "http://localhost:80"
assert normalize_service_name(ir, "http://localhost:80", "otherns",
'ConsulResolver') == "http://localhost:80"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert normalize_service_name(
ir, "http://localhost.otherns:80", None,
'ConsulResolver') == "http://localhost.otherns:80"
assert normalize_service_name(
ir, "http://localhost.otherns:80", "default",
'ConsulResolver') == "http://localhost.otherns:80"
assert normalize_service_name(
ir, "http://localhost.otherns:80", "otherns",
'ConsulResolver') == "http://localhost.otherns:80"
assert qualify_service_name(ir, "https://localhost",
None) == "https://localhost"
assert qualify_service_name(ir, "https://localhost",
"default") == "https://localhost"
assert qualify_service_name(ir, "https://localhost",
"otherns") == "https://localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "https://localhost.otherns",
None) == "https://localhost.otherns"
assert qualify_service_name(ir, "https://localhost.otherns",
"default") == "https://localhost.otherns"
assert qualify_service_name(ir, "https://localhost.otherns",
"otherns") == "https://localhost.otherns"
assert normalize_service_name(ir, "https://localhost", None,
'ConsulResolver') == "https://localhost"
assert normalize_service_name(ir, "https://localhost", "default",
'ConsulResolver') == "https://localhost"
assert normalize_service_name(ir, "https://localhost", "otherns",
'ConsulResolver') == "https://localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert normalize_service_name(
ir, "https://localhost.otherns", None,
'ConsulResolver') == "https://localhost.otherns"
assert normalize_service_name(
ir, "https://localhost.otherns", "default",
'ConsulResolver') == "https://localhost.otherns"
assert normalize_service_name(
ir, "https://localhost.otherns", "otherns",
'ConsulResolver') == "https://localhost.otherns"
assert qualify_service_name(ir, "https://localhost:443",
None) == "https://localhost:443"
assert qualify_service_name(ir, "https://localhost:443",
"default") == "https://localhost:443"
assert qualify_service_name(ir, "https://localhost:443",
"otherns") == "https://localhost:443"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "https://localhost.otherns:443",
None) == "https://localhost.otherns:443"
assert qualify_service_name(ir, "https://localhost.otherns:443",
"default") == "https://localhost.otherns:443"
assert qualify_service_name(ir, "https://localhost.otherns:443",
"otherns") == "https://localhost.otherns:443"
assert normalize_service_name(ir, "https://localhost:443", None,
'ConsulResolver') == "https://localhost:443"
assert normalize_service_name(ir, "https://localhost:443", "default",
'ConsulResolver') == "https://localhost:443"
assert normalize_service_name(ir, "https://localhost:443", "otherns",
'ConsulResolver') == "https://localhost:443"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert normalize_service_name(
ir, "https://localhost.otherns:443", None,
'ConsulResolver') == "https://localhost.otherns:443"
assert normalize_service_name(
ir, "https://localhost.otherns:443", "default",
'ConsulResolver') == "https://localhost.otherns:443"
assert normalize_service_name(
ir, "https://localhost.otherns:443", "otherns",
'ConsulResolver') == "https://localhost.otherns:443"
assert qualify_service_name(
ir, "ambassador://foo.ns", "otherns"
) == "ambassador://foo.ns" # let's not introduce silly semantics
assert qualify_service_name(
ir, "//foo.ns:1234", "otherns"
) == "foo.ns:1234" # we tell people "URL-ish", actually support URL-ish
assert qualify_service_name(ir, "foo.ns:1234", "otherns") == "foo.ns:1234"
assert normalize_service_name(
ir, "ambassador://foo.ns", "otherns", 'ConsulResolver'
) == "ambassador://foo.ns" # let's not introduce silly semantics
assert normalize_service_name(
ir, "//foo.ns:1234", "otherns", 'ConsulResolver'
) == "foo.ns:1234" # we tell people "URL-ish", actually support URL-ish
assert normalize_service_name(ir, "foo.ns:1234", "otherns",
'ConsulResolver') == "foo.ns:1234"
errors = ir.aconf.errors
assert not errors
assert qualify_service_name(ir, "https://bad-service:443:443",
"otherns") == "https://bad-service:443:443"
assert qualify_service_name(
ir, "https://bad-service:443:443", "otherns",
rkey="test-rkey") == "https://bad-service:443:443"
assert qualify_service_name(ir, "bad-service:443:443",
"otherns") == "bad-service:443:443"
assert qualify_service_name(
ir, "https://[fe80::e022:9cff:fecc:c7c4:443",
"otherns") == "https://[fe80::e022:9cff:fecc:c7c4:443"
assert qualify_service_name(
ir, "https://[fe80::e022:9cff:fecc:c7c4",
"otherns") == "https://[fe80::e022:9cff:fecc:c7c4"
assert qualify_service_name(
ir, "https://fe80::e022:9cff:fecc:c7c4",
"otherns") == "https://fe80::e022:9cff:fecc:c7c4"
assert qualify_service_name(ir, "https://bad-service:-1",
"otherns") == "https://bad-service:-1"
assert qualify_service_name(ir, "https://bad-service:70000",
"otherns") == "https://bad-service:70000"
assert normalize_service_name(
ir, "https://bad-service:443:443", "otherns",
'ConsulResolver') == "https://bad-service:443:443"
assert normalize_service_name(
ir,
"https://bad-service:443:443",
"otherns",
'ConsulResolver',
rkey="test-rkey") == "https://bad-service:443:443"
assert normalize_service_name(ir, "bad-service:443:443", "otherns",
'ConsulResolver') == "bad-service:443:443"
assert normalize_service_name(
ir, "https://[fe80::e022:9cff:fecc:c7c4:443", "otherns",
'ConsulResolver') == "https://[fe80::e022:9cff:fecc:c7c4:443"
assert normalize_service_name(
ir, "https://[fe80::e022:9cff:fecc:c7c4", "otherns",
'ConsulResolver') == "https://[fe80::e022:9cff:fecc:c7c4"
assert normalize_service_name(
ir, "https://fe80::e022:9cff:fecc:c7c4", "otherns",
'ConsulResolver') == "https://fe80::e022:9cff:fecc:c7c4"
assert normalize_service_name(ir, "https://bad-service:-1", "otherns",
'ConsulResolver') == "https://bad-service:-1"
assert normalize_service_name(
ir, "https://bad-service:70000", "otherns",
'ConsulResolver') == "https://bad-service:70000"
errors = ir.aconf.errors
assert "-global-" in errors
errors = errors["-global-"]
assert len(errors) == 16
# Ugg, different versions of Python have different error messages. Let's recognize the "Port could not be cast to
# integer value as" to keep pytest working on peoples up-to-date laptops with Python 3.8, and let's recognize
# "invalid literal for int() with base 10:" for the Python 3.7 in the builder container.
assert not errors[0]["ok"]
assert (
errors[0]["error"] ==
"Malformed service 'https://bad-service:443:443': Port could not be cast to integer value as '443:443'"
or errors[0]["error"] ==
"Malformed service 'https://bad-service:443:443': invalid literal for int() with base 10: '443:443'"
)
assert not errors[1]["ok"]
assert (
errors[1]["error"] ==
"test-rkey: Malformed service 'https://bad-service:443:443': Port could not be cast to integer value as '443:443'"
or errors[1]["error"] ==
"test-rkey: Malformed service 'https://bad-service:443:443': invalid literal for int() with base 10: '443:443'"
)
assert not errors[2]["ok"]
assert (
errors[2]["error"] ==
"Malformed service 'bad-service:443:443': Port could not be cast to integer value as '443:443'"
or errors[2]["error"] ==
"Malformed service 'bad-service:443:443': invalid literal for int() with base 10: '443:443'"
)
assert not errors[3]["ok"]
assert errors[3][
"error"] == "Malformed service 'https://[fe80::e022:9cff:fecc:c7c4:443': Invalid IPv6 URL"
assert not errors[4]["ok"]
assert errors[4][
"error"] == "Malformed service 'https://[fe80::e022:9cff:fecc:c7c4': Invalid IPv6 URL"
assert not errors[5]["ok"]
assert (
errors[5]["error"] ==
"Malformed service 'https://fe80::e022:9cff:fecc:c7c4': Port could not be cast to integer value as ':e022:9cff:fecc:c7c4'"
or errors[5]["error"] ==
"Malformed service 'https://fe80::e022:9cff:fecc:c7c4': invalid literal for int() with base 10: ':e022:9cff:fecc:c7c4'"
)
assert not errors[6]["ok"]
assert errors[6][
"error"] == "Malformed service 'https://bad-service:-1': Port out of range 0-65535"
assert not errors[7]["ok"]
assert errors[7][
"error"] == "Malformed service 'https://bad-service:70000': Port out of range 0-65535"
assert not errors[8]["ok"]
assert (
errors[8]["error"] ==
"Malformed service 'https://bad-service:443:443': Port could not be cast to integer value as '443:443'"
or errors[8]["error"] ==
"Malformed service 'https://bad-service:443:443': invalid literal for int() with base 10: '443:443'"
)
assert not errors[9]["ok"]
assert (
errors[9]["error"] ==
"test-rkey: Malformed service 'https://bad-service:443:443': Port could not be cast to integer value as '443:443'"
or errors[9]["error"] ==
"test-rkey: Malformed service 'https://bad-service:443:443': invalid literal for int() with base 10: '443:443'"
)
assert not errors[10]["ok"]
assert (
errors[10]["error"] ==
"Malformed service 'bad-service:443:443': Port could not be cast to integer value as '443:443'"
or errors[10]["error"] ==
"Malformed service 'bad-service:443:443': invalid literal for int() with base 10: '443:443'"
)
assert not errors[11]["ok"]
assert errors[11][
"error"] == "Malformed service 'https://[fe80::e022:9cff:fecc:c7c4:443': Invalid IPv6 URL"
assert not errors[12]["ok"]
assert errors[12][
"error"] == "Malformed service 'https://[fe80::e022:9cff:fecc:c7c4': Invalid IPv6 URL"
assert not errors[13]["ok"]
assert (
errors[13]["error"] ==
"Malformed service 'https://fe80::e022:9cff:fecc:c7c4': Port could not be cast to integer value as ':e022:9cff:fecc:c7c4'"
or errors[13]["error"] ==
"Malformed service 'https://fe80::e022:9cff:fecc:c7c4': invalid literal for int() with base 10: ':e022:9cff:fecc:c7c4'"
)
assert not errors[14]["ok"]
assert errors[14][
"error"] == "Malformed service 'https://bad-service:-1': Port out of range 0-65535"
assert not errors[15]["ok"]
assert errors[15][
"error"] == "Malformed service 'https://bad-service:70000': Port out of range 0-65535"
def test_shadow_v2():
aconf = Config()
yaml = '''
---
apiVersion: x.getambassador.io/v3alpha1
kind: AmbassadorListener
metadata:
name: ambassador-listener-8080
namespace: default
spec:
port: 8080
protocol: HTTPS
securityModel: XFP
hostBinding:
namespace:
from: ALL
---
apiVersion: x.getambassador.io/v3alpha1
kind: AmbassadorMapping
metadata:
name: httpbin-mapping
namespace: default
spec:
service: httpbin
hostname: "*"
prefix: /httpbin/
---
apiVersion: x.getambassador.io/v3alpha1
kind: AmbassadorMapping
metadata:
name: httpbin-mapping-shadow
namespace: default
spec:
service: httpbin-shadow
hostname: "*"
prefix: /httpbin/
shadow: true
weight: 10
'''
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml, k8s=True)
aconf.load_all(fetcher.sorted())
secret_handler = MockSecretHandler(logger, "mockery", "/tmp/ambassador/snapshots", "v1")
ir = IR(aconf, file_checker=lambda path: True, secret_handler=secret_handler)
assert ir
econf = EnvoyConfig.generate(ir, "V2")
bootstrap_config, ads_config, _ = econf.split_config()
ads_config.pop('@type', None)
mirrored_config = get_mirrored_config(ads_config)
assert 'request_mirror_policy' in mirrored_config['route']
mirror_policy = mirrored_config['route']['request_mirror_policy']
assert mirror_policy['cluster'] == 'cluster_shadow_httpbin_shadow_default'
assert mirror_policy['runtime_fraction']['default_value']['numerator'] == 10
assert mirror_policy['runtime_fraction']['default_value']['denominator'] == 'HUNDRED'
assert_valid_envoy_config(ads_config)
assert_valid_envoy_config(bootstrap_config)
def test_qualify_service():
aconf = Config()
fetcher = ResourceFetcher(logger, aconf)
fetcher.parse_yaml(yaml)
aconf.load_all(fetcher.sorted())
secret_handler = NullSecretHandler(logger, None, None, "0")
ir = IR(aconf,
file_checker=lambda path: True,
secret_handler=secret_handler)
assert ir, "could not create an IR"
assert qualify_service_name(ir, "backoffice", None) == "backoffice"
assert qualify_service_name(ir, "backoffice", "default") == "backoffice"
assert qualify_service_name(ir, "backoffice",
"otherns") == "backoffice.otherns"
assert qualify_service_name(ir, "backoffice.otherns",
None) == "backoffice.otherns"
assert qualify_service_name(ir, "backoffice.otherns",
"default") == "backoffice.otherns"
assert qualify_service_name(ir, "backoffice.otherns",
"otherns") == "backoffice.otherns"
assert qualify_service_name(ir, "backoffice:80", None) == "backoffice:80"
assert qualify_service_name(ir, "backoffice:80",
"default") == "backoffice:80"
assert qualify_service_name(ir, "backoffice:80",
"otherns") == "backoffice.otherns:80"
assert qualify_service_name(ir, "backoffice.otherns:80",
None) == "backoffice.otherns:80"
assert qualify_service_name(ir, "backoffice.otherns:80",
"default") == "backoffice.otherns:80"
assert qualify_service_name(ir, "backoffice.otherns:80",
"otherns") == "backoffice.otherns:80"
assert qualify_service_name(ir, "http://backoffice",
None) == "http://backoffice"
assert qualify_service_name(ir, "http://backoffice",
"default") == "http://backoffice"
assert qualify_service_name(ir, "http://backoffice",
"otherns") == "http://backoffice.otherns"
assert qualify_service_name(ir, "http://backoffice.otherns",
None) == "http://backoffice.otherns"
assert qualify_service_name(ir, "http://backoffice.otherns",
"default") == "http://backoffice.otherns"
assert qualify_service_name(ir, "http://backoffice.otherns",
"otherns") == "http://backoffice.otherns"
assert qualify_service_name(ir, "http://backoffice:80",
None) == "http://backoffice:80"
assert qualify_service_name(ir, "http://backoffice:80",
"default") == "http://backoffice:80"
assert qualify_service_name(ir, "http://backoffice:80",
"otherns") == "http://backoffice.otherns:80"
assert qualify_service_name(ir, "http://backoffice.otherns:80",
None) == "http://backoffice.otherns:80"
assert qualify_service_name(ir, "http://backoffice.otherns:80",
"default") == "http://backoffice.otherns:80"
assert qualify_service_name(ir, "http://backoffice.otherns:80",
"otherns") == "http://backoffice.otherns:80"
assert qualify_service_name(ir, "https://backoffice",
None) == "https://backoffice"
assert qualify_service_name(ir, "https://backoffice",
"default") == "https://backoffice"
assert qualify_service_name(ir, "https://backoffice",
"otherns") == "https://backoffice.otherns"
assert qualify_service_name(ir, "https://backoffice.otherns",
None) == "https://backoffice.otherns"
assert qualify_service_name(ir, "https://backoffice.otherns",
"default") == "https://backoffice.otherns"
assert qualify_service_name(ir, "https://backoffice.otherns",
"otherns") == "https://backoffice.otherns"
assert qualify_service_name(ir, "https://backoffice:443",
None) == "https://backoffice:443"
assert qualify_service_name(ir, "https://backoffice:443",
"default") == "https://backoffice:443"
assert qualify_service_name(ir, "https://backoffice:443",
"otherns") == "https://backoffice.otherns:443"
assert qualify_service_name(ir, "https://backoffice.otherns:443",
None) == "https://backoffice.otherns:443"
assert qualify_service_name(ir, "https://backoffice.otherns:443",
"default") == "https://backoffice.otherns:443"
assert qualify_service_name(ir, "https://backoffice.otherns:443",
"otherns") == "https://backoffice.otherns:443"
assert qualify_service_name(ir, "localhost", None) == "localhost"
assert qualify_service_name(ir, "localhost", "default") == "localhost"
assert qualify_service_name(ir, "localhost", "otherns") == "localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "localhost.otherns",
None) == "localhost.otherns"
assert qualify_service_name(ir, "localhost.otherns",
"default") == "localhost.otherns"
assert qualify_service_name(ir, "localhost.otherns",
"otherns") == "localhost.otherns"
assert qualify_service_name(ir, "localhost:80", None) == "localhost:80"
assert qualify_service_name(ir, "localhost:80",
"default") == "localhost:80"
assert qualify_service_name(ir, "localhost:80",
"otherns") == "localhost:80"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "localhost.otherns:80",
None) == "localhost.otherns:80"
assert qualify_service_name(ir, "localhost.otherns:80",
"default") == "localhost.otherns:80"
assert qualify_service_name(ir, "localhost.otherns:80",
"otherns") == "localhost.otherns:80"
assert qualify_service_name(ir, "http://localhost",
None) == "http://localhost"
assert qualify_service_name(ir, "http://localhost",
"default") == "http://localhost"
assert qualify_service_name(ir, "http://localhost",
"otherns") == "http://localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "http://localhost.otherns",
None) == "http://localhost.otherns"
assert qualify_service_name(ir, "http://localhost.otherns",
"default") == "http://localhost.otherns"
assert qualify_service_name(ir, "http://localhost.otherns",
"otherns") == "http://localhost.otherns"
assert qualify_service_name(ir, "http://localhost:80",
None) == "http://localhost:80"
assert qualify_service_name(ir, "http://localhost:80",
"default") == "http://localhost:80"
assert qualify_service_name(ir, "http://localhost:80",
"otherns") == "http://localhost:80"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "http://localhost.otherns:80",
None) == "http://localhost.otherns:80"
assert qualify_service_name(ir, "http://localhost.otherns:80",
"default") == "http://localhost.otherns:80"
assert qualify_service_name(ir, "http://localhost.otherns:80",
"otherns") == "http://localhost.otherns:80"
assert qualify_service_name(ir, "https://localhost",
None) == "https://localhost"
assert qualify_service_name(ir, "https://localhost",
"default") == "https://localhost"
assert qualify_service_name(ir, "https://localhost",
"otherns") == "https://localhost"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "https://localhost.otherns",
None) == "https://localhost.otherns"
assert qualify_service_name(ir, "https://localhost.otherns",
"default") == "https://localhost.otherns"
assert qualify_service_name(ir, "https://localhost.otherns",
"otherns") == "https://localhost.otherns"
assert qualify_service_name(ir, "https://localhost:443",
None) == "https://localhost:443"
assert qualify_service_name(ir, "https://localhost:443",
"default") == "https://localhost:443"
assert qualify_service_name(ir, "https://localhost:443",
"otherns") == "https://localhost:443"
# It's not meaningful to actually say "localhost.otherns", but it should passed through unchanged.
assert qualify_service_name(ir, "https://localhost.otherns:443",
None) == "https://localhost.otherns:443"
assert qualify_service_name(ir, "https://localhost.otherns:443",
"default") == "https://localhost.otherns:443"
assert qualify_service_name(ir, "https://localhost.otherns:443",
"otherns") == "https://localhost.otherns:443"
assert qualify_service_name(ir, "https://bad-service:443:443",
"otherns") == "https://bad-service:443:443"
assert qualify_service_name(
ir, "https://bad-service:443:443", "otherns",
rkey="test-rkey") == "https://bad-service:443:443"
errors = ir.aconf.errors
assert "-global-" in errors
errors = errors["-global-"]
assert len(errors) == 2
assert not errors[0]["ok"]
assert errors[0][
"error"] == "Malformed service port in https://bad-service:443:443"
assert not errors[1]["ok"]
assert errors[1][
"error"] == "test-rkey: Malformed service port in https://bad-service:443:443"